package com.jxdinfo.hussar.sso;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.jxdinfo.hussar.authentication.dto.AuthcDto;
import com.jxdinfo.hussar.authentication.dto.SysUsersDto;
import com.jxdinfo.hussar.authentication.service.HussarLoginValidateService;
import com.jxdinfo.hussar.support.exception.HussarException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import javax.annotation.Resource;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.servlet.http.HttpServletRequest;
import okhttp3.HttpUrl;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

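/**
 * Login validator for the {@code thirdSso} login type.
 *
 * <p>Exchanges the authorization code received from the SSO provider for an access token at
 * the configured token URL, then asks the configured user-info URL which login name that
 * token belongs to.
 *
 * <p>Both calls carry credentials ({@code client_secret}, the access token), so they must
 * only ever reach an authenticated endpoint: the HTTP client below uses the platform's
 * default certificate-chain and hostname validation.
 */
@Service
public class SsoLoginServiceImpl implements HussarLoginValidateService {
    protected static final Logger LOGGER = LoggerFactory.getLogger(SsoLoginServiceImpl.class);

    private static final String JSON_UTF8 = "application/json;charset=UTF-8";

    /**
     * Shared HTTP client (OkHttp clients are meant to be reused).
     *
     * <p>Deliberately built without a custom {@code TrustManager} or {@code HostnameVerifier}.
     * Accepting every certificate and every host name would let anyone on the network path
     * impersonate the SSO server, read {@code client_secret} and answer with a login name of
     * their choosing. If the SSO server uses a private CA, add that CA to the JVM trust store
     * instead of switching validation off.
     *
     * <p>Initialised eagerly as a constant so concurrent logins cannot race on a lazy,
     * unsynchronised static field.
     */
    private static final OkHttpClient CLIENT = new OkHttpClient.Builder()
            .connectTimeout(30L, TimeUnit.SECONDS)
            .writeTimeout(30L, TimeUnit.SECONDS)
            .readTimeout(30L, TimeUnit.SECONDS)
            .build();

    @Resource
    private SsoLoginProperties properties;

    /**
     * Returns the login type handled by this validator.
     *
     * @return the constant {@code "thirdSso"}
     */
    public String getLoginType() {
        return "thirdSso";
    }

    /**
     * Resolves the login name for an SSO authorization code.
     *
     * @param httpServletRequest the current request; not read by this implementation
     * @param str the authorization code, sent to the token endpoint as {@code code}
     * @param authcDto the authentication DTO; not read by this implementation
     * @return the string form of the {@code loginName} entry of the user-info response
     * @throws HussarException if either HTTP call fails, returns a non-2xx status, or the
     *     response cannot be parsed
     */
    public String beforeSelectUser(HttpServletRequest httpServletRequest, String str, AuthcDto authcDto) {
        HashMap<String, Object> tokenRequest = new HashMap<>();
        tokenRequest.put("code", str);
        tokenRequest.put("client_id", this.properties.getAppId());
        tokenRequest.put("client_secret", this.properties.getAppSecret());
        tokenRequest.put("grant_type", this.properties.getGrantType());
        try {
            Request tokenCall = new Request.Builder()
                    .url(this.properties.getTokenUrl())
                    .addHeader("Content-Type", JSON_UTF8)
                    .post(RequestBody.create(JSON.toJSONString(tokenRequest), MediaType.parse(JSON_UTF8)))
                    .build();

            String accessToken;
            // try-with-resources: the response (and its connection) is released on every
            // path, including the non-2xx one that never reads the body.
            try (Response tokenResponse = CLIENT.newCall(tokenCall).execute()) {
                LOGGER.info("sso认证响应:{}", tokenResponse);
                if (!tokenResponse.isSuccessful()) {
                    throw new HussarException("sso获取认证 token 请求异常" + tokenResponse.message());
                }
                // NOTE(review): getJSONObject expects "access_token" to be a JSON object (or a
                // string holding one); confirm against the SSO provider's response format.
                accessToken = JSONObject.parseObject(Objects.requireNonNull(tokenResponse.body()).string())
                        .getJSONObject("access_token")
                        .toString();
            }

            // Build the query with HttpUrl so the token value, which comes from a remote
            // response, is percent-encoded and cannot add or override query parameters.
            // String.valueOf keeps the "null" text that plain concatenation would produce.
            HttpUrl userInfoUrl = HttpUrl.get(String.valueOf(this.properties.getUserInfoUrl()))
                    .newBuilder()
                    .addQueryParameter("access_token", accessToken)
                    .addQueryParameter("client_id", String.valueOf(this.properties.getAppId()))
                    .build();
            Request userInfoCall = new Request.Builder()
                    .url(userInfoUrl)
                    .addHeader("Content-Type", JSON_UTF8)
                    .get()
                    .build();

            try (Response userInfoResponse = CLIENT.newCall(userInfoCall).execute()) {
                // Log only the status code: the response's string form includes the request
                // URL, and this URL carries the access token.
                LOGGER.info("sso认证响应:{}", userInfoResponse.code());
                if (userInfoResponse.isSuccessful()) {
                    // NOTE(review): same schema assumption as for "access_token" above.
                    return JSONObject.parseObject(Objects.requireNonNull(userInfoResponse.body()).string())
                            .getJSONObject("loginName")
                            .toString();
                }
                throw new HussarException("sso获取认证 token 请求异常" + userInfoResponse.message());
            }
        } catch (Exception e) {
            throw new HussarException("sso获取认证 token 失败", e);
        }
    }

    /**
     * Performs no additional validation of the resolved user.
     *
     * @param authcDto the authentication DTO; unused
     * @param sysUsersDto the resolved user; unused
     */
    public void validateUser(AuthcDto authcDto, SysUsersDto sysUsersDto) {
    }
}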
